With increasing regulatory activity and growing public awareness and concern, no organisation can afford to ignore data protection. Compliance, preferably best practice, avoids problems with the regulator, preserves reputation and develops client confidence.
This course is designed to be of value to lawyers, accountants, human resource managers, IT managers, company secretaries and others who have responsibility for the handling of personal data. It will give an overview of the Data Protection Act 1998 and those parts of the Privacy and Electronic Communications Regulations (PECR) relating to direct marketing. It will then discuss selected topics in further detail, including subject access requests, cloud computing, the Employment Code of Practice, data sharing and compliance with PECR.
There will also be a brief outline of the proposed EU General Data Protection Regulation.
• To demonstrate an understanding of the major definitions, principles, obligations and rights of the Data Protection Act 1998
• To understand the enforcement actions which may be taken by the Information Commissioner
• To understand the criteria for imposing Civil Monetary Penalties and to be aware of recent examples
• To appreciate the issues relating to cross-border transfers of personal data and apply this knowledge
• To be aware of the constraints on direct marketing activities and how these may be addressed
• To understand the principal data protection issues in contexts including cloud computing, employment/HR and the merger, acquisition and disposal of businesses
• To be aware of the latest developments in the European Union Data Protection Regulation and their implications for compliance
• To recognise and process a subject access request
This course will satisfy the requirements of most professional bodies for six hours of verifiable CPD. Attendance certificates will be available on request.